All new direct suppliers (including sub-processors) undergo due diligence that takes the form of one or more questionnaires covering a range of topics.
These include: Information Security, Physical Security, PCI-DSS, Data Protection, Business Continuity, Corporate Governance and Quality, Health & Safety, Environment, Equal Opportunities, Diversity, Anti-Bribery & Anti-Corruption, Modern Slavery and Child Labour, Ethical Business Practices / Corporate Social Responsibility.
Due diligence also includes a credit check and review of policies, certifications, independent audit reports, independent penetration tests (including remediation follow-up) etc, as appropriate.
In addition, all suppliers must confirm they will adhere to our Supplier Operating Principles, which include clauses covering:
